PC-BSD 8 review

PC-BSD is a FreeBSD-based desktop distribution, with KDE as the default desktop environment. It is the most actively developed of the BSD, desktop distributions listed on this site. This review is of PC-BSD 8, the latest stable edition, which was released earlier this week.

Installation – PC-BSD 8 sports a redesigned graphical installation program. It is one of the better graphical installation programs available on any distribution – Linux or BSD. It features a very clean and intuitive interface. Aside from providing a means to install a complete desktop system, the installer also allows for the installation of a FreeBSD server.PC-BSD's graphical installation program

It supports the following file system types: UFS (UNIX file System), ZFS (Zettabyte file system), UFS+S and UFS+J. By default, the installer creates the following partitions: a main partition of about 2 GB for /, the main filesystem, one for swap of about 10 GB, another for /var of about 1 GB, and the rest of the disk space is assigned to /usr. UFS+S is the default file system type for all partitions. Encryption of the root partition is not supported. While it is possible to specify the encryption of the other partitions, the implementation does not provide the protection that disk encryption is expected to. Fedora has a better implementation of disk encryption than this or any other distribution.

Desktop – PC-BSD is a KDE-focused distribution. This release ships with KDE 4.3.5, using the kickoff-style menu by default. If you have the requisite hardware, Compiz-Fusion, a 3D compositing window manager, works right out of the box.

One of the "default" desktop backgrounds of PC-BSD 8

Administration and Software Management – PC-BSD uses the traditional UNIX root user account system. As on any other distribution, that account is created during installation. You may also create one or more regular user accounts during the installation process. All graphical management tools are accessible from System Settings. With regards to software management, new users should be aware that PC-BSD is, in a sense, a hybrid distribution: The pbi technology makes installing pre-compiled applications very easy. Many other applications have to be compiled from source. pbiDIR provides a graphical interface for the installation of pre-compiled packages. If you’ve never used PC-BSD, you may browse the list of installable packages at http://www.pbidir.com/. That site shows exactly the same interface as the graphical installer.pbiDIR is the graphical installer on PC-BSD 8

Default Installed Applications – Most of the applications and system utilities pre-installed on PC-BSD 8 are those that you’ll find on most stock installations of KDE-based distributions. Here’s a list of some of those applications::

Konqueror, a file manager and Web browser

digiKam

SKanlite

JuK media player

Kopete, a multi-protocol, instant messaging application

Akregator

Dragon Player

KMPlayer

KsCD

LoKalize

You’ll notice that Firefox and OpenOffice.org are missing from the list. This is because those applications are “optional” applications that you may choose to install during the installation process. In any case, you can install Firefox, OpenOffice.org suite and many more application packages on a running system via the graphical installer.

Browsers and browser plugins – If you did not install any available components during the installation process, Konqueror, a file and Web browser for the K Desktop Environment, will be the only browser installed on the system. Out of the box, Konqueror does Flash, but because Java JRE is not installed, it fails the Java test. Konqueror is a decent browser, but for a better browsing, most users will opt to use Mozilla Firefox.

Network Manager and Security tools – The network manager automatically configures the network interfaces on the system. It shows facilities only for configuring and managing wired and wireless networks. On the security applications front, OpenSSH server and client are installed. There are no VPN clients or servers installed, and there are none installable via the graphical package manager. PF, OpenBSD’s packet filter, and IPFW are the firewall applications on PC-BSD 8. Both are enabled by default, with PF doing the heavy lifting. A graphical interface to PF is installed and pre-configured.PC-BSD's network manager application

PC-BSD's graphical firewall manager

The Warden, a graphical/command line security tool, simplifies the management of applications in PC-BSD’s Jail system. The Warden is not in the default installation. It is one of the “optional” components available during the installation process, and may be installed using the graphical package manager.The Warden is the Jail management utility on PC-BSD 8

Media and Hardware Detection – Media and hardware on PC-BSD 8 is no different from what you’d experience on any KDE-based distribution. The lone choice for playing DVD videos available in the video dialog prompt is Dragon Player. Because libdvdcss is not installed, and it’s not installable via pbiDIR, Dragon Player is unable to play encrypted video DVDs. If you need to play any commercial video DVD on PC-BSD 8, you’ll have to compile libdvdcss from the ports system, where libdvdcss-1.2.10 is available in the multimedia category.

The video dialog prompt showing Dragon Player as one of the available applications for playing DVDs videos

For audio CDs, KsCD is the only audio CD player in the audio dialog prompt. However, it is broken. It will only play the first six seconds of an audio CD and then stop. You’ll have to install Exaile or another audio CD player of your choice if you need play audio CDs on PC-BSD 8. By default, most Linux distribution will automatically configure a connected printer. On PC-BSD 8, however, you will have to do it manually. On the test system, configuring my HP Deskjet F4280 All-in-One using the installed HP Device Manager was a breeze.

29 Comments

You said: “Encryption of the root partition is not supported. While it is possible to specify the encryption of the other partitions, the implementation does not provide the protection that disk encryption is expected to. Fedora has a better implementation of disk encryption than this or any other distribution.”

This is a very dumb thing to say for the following reasons:

1) Slackware was the first real distribution to be able to encrypt its root partition (starting with 12.0 released June 2007) and this was documented BY Slackware and released as a README_CRYPT.TXT on the official install media. The first time Fedora was able to be installed this way that I see on Google is Fedora 8, November 2007.

2) Such a setup on Slackware Linux is extremely easy (just manually create LUKS+LVM, tell setup to install to it, make an initrd, and reboot) and much less risky (seriously, on Fedora 8 you install somewhere else and then forcefully raw-copy the data into the container setup? Data integrity alarm bells should be making you deaf by now). LUKS+LVM is officially supported by Slackware Linux since this time, and by the installer basically. To my knowledge I have yet to see any other Linux distribution that understands and can install to a fully encrypted setup like this (much less, my next point is….)

3) When you can reveal to me what information someone can obtain from an unencrypted root partition (assuming swap and /home are encrypted), let me know. Unless they can get access to the unfiltered memory on the machine (and/or cold-boot the memory but I highly doubt you’re ever going to have anyone that good pursuing your information) there is no other place to get the encryption key you supply with LUKS. The only other way to get at the data is the “angry maid” attack (which applies to both luks+lvm and any simpler setup with an initrd). At most you’re only making life a minute harder for a would-be attacker (because copies of Live Linux CDs are freely downloaded).

4) The L in LUKS stands for LINUX. They may have the necessary software by now, but they’re not Linux so why are you pestering them? I don’t see Mac or Windows being able to do this in the software level (i.e. encrypted root) so your argument is empty.

So to summarize, Slackware had it first, Slackware officially supported it first, encrypting the root partition is 99% irrelevant to security assuming you take other smart steps, and you’re unwise to rip on BSD about something that was created for Linux (LUKS and LVM).

Since I’ve never reviewed Slackware, I’ll take your word for it that “Slackware was the first real distribution to be able to encrypt its root partition.” This, of course, implies that there are non-real distributions that had the feature before Slackware 😉

Your second point leads me to believe that you have not used Fedora since Fedora 8. If you did, you’d know that all it takes to configure encrypted LVM on Fedora is one mouse click. Nothing more. Beats manually creating LUKS+LVM, initrd, and other “extremely easy” stuff. There is a short tutorial about it here.

On point 3, I am not in a position to reveal to you “what information someone can obtain from an unencrypted root partition,” but that does not been they can not. Your point here implies that encrypting root is not necessary, that encrypting Swap and /home is all that is needed. I find that hard to believe. If that had ended with the implied statement, I’d have cut you some slack, but to explicitly state that “encrypting the root partition is 99% irrelevant to security” makes my head spin. It’s still spinning. In a very bad way, that statement is funny.

Before you start defending this statement, consider this opening paragraph from the disk encryption chapter of the FreeBSD Handbook:

File permissions and Mandatory Access Control (MAC) … help prevent unauthorized third-parties from accessing data while the operating system is active and the computer is powered up. However, the permissions enforced by the operating system are irrelevant if an attacker has physical access to a computer and can simply move the computer’s hard drive to another system to copy and analyze the sensitive data.

Disk encryption is ineffective if an unauthorized party with physical access to your computer can boot it. The point of disk encryption is to deny access to data stored on your computer to people who do not have a right to read it. And there is no better way to enforce that than to make it impossible for them to boot the computer completely. Most distributions do not put /home on a separate partition, so encrypting your home directory wont do you much good.

Who had it first is not as important as who is doing it right. Btw, my suggestion to the PC-BSD development team (I’m subscribed to their testing mailing list) led to a change in the manner that disk encryption is configured. Grab a snapshot ISO image here and see for yourself.

It’s obvious that you have not kept up with the times. Many distributions do not create a separate partition for /home, so stating that “encrypting the root partition is 99% irrelevant to security” is implying that disk encryption plays no meaningful role in the security posture of a system.

In PC-BSD, for example, the default partitioning scheme has /home in a jail under /usr, with /usr on a separate partition. Ubuntu and the bevy of distributions based or derived from it place /home under the same partition as /, with the option to encrypt a user’s home directory. And depending on the size of a hard disk, Fedora and other distributions that use Anaconda follow the same script. So you can imagine what not encrypting root in these situations amount to.

But will this version recognize my wireless NIC, TP-LINK TLWN353G/TL ?? pcBSD7 does not, and nowhere can I find a driver or installation protocol that works. Has anyone overcome this problem with pcBSD 7 or 8?

I am currenly installing 8.1 on my laptop. It has I7 with 6gb ram. Install was slow but painless. It still felt a tad sluggish for such a high end machine (vaio F series) with so much ram and such a decent processor.

Setup is clean, easy to configure, nothing was too hard even for a beginner like myself. I was up and running the internet with firefox skyping with friends in 30 or 40 minutes after I stuck the CD in and booted.

I look forward to updates. Note it had trouble with my atheros wireless card and nvidia 330m.

Like others on here, I was excited to get my hands on another PC-BSD release. However, I don’t know if it’s BSD’s KDE or if it’s something with the nvidia drivers, but the system was really slow. For example, going through subcategories in the KDE menu created a noticeable stutter. The system takes a considerable amount of time to start-up and just using standard KDE applications makes the system feel sluggish. So unfortunately, PC-BSD didn’t live up to my expectations. Personally, I think it’s a KDE issue because when PC-BSD used KDE 3.5, it was always responsive.

Nice look, but slow and buggy. I’ve installed PC-BSD v8 a total of 3 times on the same machine, and each time, the root password gets corrupted. I can not su and do anything that requires administrative privileges. Going back to 7.1.1. Looking forward to 8.1.

Just tried it again after a re-download/md5 check, & an eon-long install (on my other machine).
Some of the installed applications wouldn’t work, e.g. music/cd player/VLC, etc.
SO, I’m erasing the ‘pissy beastie’ & installing Haiku R1/Alpha, which looks promising & interesting, & doesn’t make false claims!
At least I CAN depend on (hacked) XP with FOSS on this machine!

I really looked forward to this release & tested it, only to find I can’t install my mobile broadband ‘dongle’! (Same goes for OpenSolaris, & Pardus, by the way)

I also found PC-BSD 8.0 was slow, REALLY slow, like Vista is fast to boot-up in comparison!

Anyone remember the problems with the Hubble deep-space telescope when it was first ‘booted-up’? I’m sure the problems with 8.0 will be resolved, but, aren’t these things supposed to be sorted in a ‘stable’ release version?

It would be really nice to live in a world without windows, gates or bills!

Something must be wrong in PC-BSD 8 x64 release or KDE: there never was OS installed of such ill responsiveness on that machine ever. Try to play simple thing as Tetris, and you cannot enjoy because of constantly struggling response, and that’s not because of being picky – shouldn’t be that bad, cause should be hunted and fixed. It is AMD64 2800+ system with 1GB RAM, that is pretty well running either x86 or x64 code.

Otherwise, installation went well, once big enough partition was given (upgrade of former FreeBSD instance was not successful probably because of that). Also, OS appearance is attractive and rational. Packages of Skype, Java RE, Opera installed and integrated smoothly. Good job, that needs very little fixing to enjoy it in full extent possible.

I really liked PC-BSD 8, it looked good, installed well, was able to use my ATI 3d card( Which has always been a problem for some reason, check the forums), but installing stuff did throw up the issues you spoke about. Using PBIDir was inconsistent again. So much so that unless you’re a diehard PC-BSD fan you’ll go back to the other *BSD’s instead. I have to say though, that if they get their act together, and just hold off releasing a flawed OS, then they’ll certainly do well.

The problem with going back to “the other *BSD’s” is that there is no other desktop BSD to go back to. PC-BSD is the only usable desktop BSD that we have, but it is no yet ready for prime time. Like you said, this was a flawed release.

finid-
I strongly agree with the limited *BSD options available as a “true” desktop, however, like Gentoo Linux, if take the time to create a desktop properly once, all you have will be updates (not a :20 minute install like Ubuntu or Debian [I love Debian – no disrespect meant here], but at least a progressive day or so). Whilest on this subject, I would like to mention DesktopBSD, which I thought was MUCH better than the PC-BSD project. DesktopBSD was FreeBSD with a front-end that worked flawlessly and when that project collapsed (with what I assumed was because of too much attention being paid to the PC-BSD group), I was floored. It ran great on both x86 and x64 machines (I ran it on both), worked wonderfully with ports/portsnap, and had a hardware recognition system unparalleled by any current BSD out there. As a community, IMHO, we shot ourselves in the foot by letting this flavor slip away………I would return to using it, but the promise of updates is apparently lacking. My appreciation does, however, go out to developers and support team that made it an awesome addition to available desktops out there (AND IT WASN’T BASED (in any way) ON UBUNTU!!!!! – Canonical is a cancer to the Linux community).

As far as I know, DesktopBSD is dead. I’m keeping an eye on DragonFlyBSD. It’s another promising distro, trying to do things it’s won way. As far as Canonical being “a cancer to the Linux community,” I concur. M. Shuttleworth is an opportunist. He’s does not really care about the Free Software community.

DesktopBSD may not be completely dead. I still run it upgraded to 7.3 which is supported for a couple of years. There are people on the forums who want to resurect/fork it. It was and still is far superior to PC-BSD and you can just keep it updated by the traditional FreeBSD methods. keep an eye out for http://www.smartbsd.org

I think the new look is great, but unfortunately, that’s where the excitement ended for me. Slow and unresponsive. PBIs failed to work so I went to use ports and I had a blow-up of a proportion that made me stop any further use of PC-BSD, now and probably for a long time to come. Quick reinstall of FreeBSD 7.3, updated a few apps, and I’m home again. PC-BSD looks great, but eye candy really = bloat which usually results in a great looking system that suffers from extremely poor performance.

I tested out this version myself. I had issues using zfs for my root file system… but otherwise things went smoothly. its interesting to note that i was unable to install the freebsd 8 (using their media) on the same machine due to lack of drivers.

i really enjoyed the KDE from pcbsd. i normally use gnome but have lately tried two other OSes with kde4 out of the box; linux mint kde and kubuntu…. both were extremely buggy with the interface and apps crashing all the time.

The problems with playing CDs Kscd are well documented as is with amarok its all down to bad coding from KDE. The latest KDE4.4 nearly solves it but both players still crash at will. I personally think PCBSD really tries to bring BSD to the public and every version improves on the last. The pbi system for software is a good idea as programs are not dependent on each other. PCBSD is closing the gap with Linux at a very fast rate.